vxencrypt - list and manage encrypted volume operations.
vxencrypt [-g diskgroup] list
vxencrypt [-g diskgroup] password volume
The vxencrypt command is used to list and manage encrypted volumes. The vxencrypt command is also used to change the password of encrypted volumes.
list Displays the encryption status of volumes. If no disk group arguments are specified, then status of volumes from all disk groups is displayed. If disk group is specified with -g option, then information is displayed for only the volumes in the specified disk group. If disk group is encrypted, then status of disk group is displayed as encrypted_by_default. Encryption status has three probable values as follows:
encrypted volumes encrypted and associated with a key management server. encrypted with password volumes encrypted with a password. not encrypted non encrypted volumes. passwd Used to change the password of existing encrypted volume. The -g option is used to specify the encrypted volume from specified diskgroup. Note: This operation is not permitted on non-encrypted volumes, and for encrypted volumes associated with a Key Management Server.
-g diskgroup Specifies the disk group for the operation, either by the disk group ID or by the disk group name. If this option is not specified, the default disk group is determined using the rules given in the vxdg(1M) manual page.
To create volumes in mydg diskgroup (encrypted, non-encrypted), use the following:
vxassist -g mydg make vol1 500m encrypted=on vxassist -g mydg make vol2 500m
To display the encryption status of volumes:
Disk group: mydg
VOLUME STATUS vol1 encrypted vol2 not encrypted
To change the password of encrypted volumes:
vxencrypt –g mydg passwd vol1
Enter current password for volume vol1: Enter new password for volume vol1: Confirm password for volume vol1: